When You Start Your WordPress Blog

Note: This is reposted from what was originally part of the “page” structure of this blog. It shows what you can expect when you decide to start a blog on WordPress.com.

Suus Not Ut Difficile!


When you click this link to start a new WordPress blog, you will see a screen something like this:

Wordpress Signup Page

All you do then is enter a name, like this:

Aase Family Blog Creation

And then, provided your name is unique enough, you get a message like this:

Blog Created

Congratulations! You now have a blog!

It’s that simple. It’s really that simple.

Blogging from 30,000 Feet

As I’m on my Delta flight from Newark to Minneapolis, the second-to-last leg of my return from Paris, I decided to give in-flight wifi a try. It’s kind of cool to be able to track our flight progress as well: right now we’re at about 36,000 feet (according to the captain), and according to the flight tracker we’re going to be just south of Binghamton, NY fairly soon.

I think I might give Lisa a little surprise and Skype her from the sky.

Stay tuned…

Update: Skype didn’t work so well with airline wifi, at least on Delta. I could kind of hear Lisa’s voice, but it was really distorted. I just tried to call her cell. Now I will maybe try to upload some photos to Facebook.

Always continuing in a spirit of research and exploration. That’s what you would expect from your Chancellor, right?

A Wave of Malware

In the last few days I have had an interesting (and frustrating) experience with malware, which provides further proof of human depravity (as if I needed it after the case of our van windows.)

Malware is malicious software and apparently there is virtual crime spree going on right now related to programs like WordPress, which I use to publish SMUG. Similarly, after I did the post about our broken van windows, I learned that ours was one of 19 such crime reports from that night of terror.

I guess in some sense we took some comfort in that we weren’t alone in being victimized, but it didn’t make it less costly to fix.

In the case of the malware attacks, however, the scale of the attacks means others are mobilizing to help.

On Tuesday night, after having gotten notice that I had a malware infestation, I had upgraded my WordPress to the latest version, 2.9.2, and had followed the instructions from WordPress.org and my hosting provider, GoDaddy.

But the problem still didn’t go away; when my wife Lisa was viewing SMUG on my iPad (yes, I will have some posts about my iPad impressions soon), I saw the malware for myself. So it told me I may have helped to prevent further infection, but there was still some malicious code to remove from the site.

This evening I got a note from GoDaddy offering help in removing the malicious javascript, which I authorized them to do.

But they said I still needed to take steps to prevent the problem from recurring, such as changing my Web hosting passwords.

I’m fairly certain that I have it all disinfected now. The last step was to change my server permissions as recommended by the author of my WP Super Cache plug-in so that the virtual ruffians can’t deposit their code on the SMUG server.

A few observations:

  1. One of the benefits of WordPress.com is that in its restrictive environment, which strips out javascript from any posts, it prevents malware attacks. If you can get by with only using YouTube videos (instead of other players that use javascript), you can save yourself some muss and fuss by sticking with WordPress.com.
  2. This does create some limitations, however, so by going to self-hosted you can get ability to embed widgets and video players. You need to be careful in what you install to make sure you’re not bringing malware along for the ride.
  3. The GoDaddy community site has a couple of good posts on identifying, removing and preventing malware on your hosting server and how to fix a compromised WordPress site.

Thanks to those who brought this situation to my attention. I believe the malware was hiding in some cached pages on SMUG (pages that are pre-loaded, so to speak, to make the site perform better.) Since I wasn’t getting those cached pages served to me, I wasn’t seeing the malware.

Please let me know if you see anything malicious happening here.

I often say that I started my blog, back in the day when it was called Lines from Lee, as a way to learn and make my mistakes on my own account, so that by the time we launched blogs for my employer I would have worked out all the kinks. Having our Mayo Clinic blogs hosted on WordPress.com has been a safe solution to date. As we consider moving to self-hosted WordPress, this episode highlights for me the need to have someone technically adept and able to make sure all of the security is kept updated.

In that sense, I guess I’m glad the malware attack happened at SMUG. It was inconvenient for a week or so, and responsible for the fact that I haven’t posted for several days. But I would rather learn here, and let the SMUGgles learn along with me, so that we can prevent attacks on our work-related sites.

Getting More Sociable

I mentioned in my last post that I was looking for a way to add the Facebook “Like” button to my posts, and so I’m experimenting with another plugin from Sociable, called Facebook Open Graph. I had already added Facebook Connect functionality through another plugin, but this one theoretically should be better. I may still have a few kinks to work out, and I was disappointed that it didn’t immediately put the “Like” button on my previous posts.

But maybe it only works with new posts, or maybe I have to edit posts to get this button added.

In keeping with the Spirit of SMUG, I’m just giving it a try with this new post, and we’ll see if it works. I’ll keep you updated as I figure it out.

Getting Sociable

Until now, I had been using the Tweet This! and Share This! plug-ins to encourage sharing of posts, and I’m working on getting the Facebook “Like” button installed, so I might switch my Facebook Connect plug-in, too.

This morning I stumbled across a sharing plug-in that I like a lot more than the other two, and I think it makes for a nicer look. It’s called Sociable, and while it supposedly hasn’t been tested for the latest version of WordPress, it seems to be working well.

I like that it lets me choose from among 99 different sharing sites and methods (including email) in one toolbar, and that you can customize both the heading (so I could call out Twitter, Facebook and E-Mail among the options) and the order of the icons.

Here’s a screen shot of all 99 services (click to enlarge):

The ability to customize your blog with plug-ins like this is one of the main advantages of a self-hosted WordPress blog, as opposed to using WordPress.com. Still, WordPress.com is a great way to get your blog started quickly, and you can use domain mapping on WordPress.com to ensure continuity, so that if you decide later to move to self-hosted (as I did with SMUG), you don’t lose your external links.

If you’re using self-hosted WordPress, you might want to get Sociable too…and use the buttons below to share this post with your friends.